IETF Logo Mail Archive

[Mip4] Re: FW: Comments on VPN Problem Statement Draft

Henrik Levkowetz <henrik@levkowetz.com> Wed, 27 August 2003 07:37 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA01696 for <mip4-archive@odin.ietf.org>; Wed, 27 Aug 2003 03:37:13 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rtia-0002xV-60 for mip4-archive@odin.ietf.org; Wed, 27 Aug 2003 02:23:45 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h7R6NgME011346 for mip4-archive@odin.ietf.org; Wed, 27 Aug 2003 02:23:42 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rrqJ-0003Kc-1s for mip4-web-archive@optimus.ietf.org; Wed, 27 Aug 2003 00:23:35 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA17861 for <mip4-web-archive@ietf.org>; Wed, 27 Aug 2003 00:23:28 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19rrqG-0003n8-00 for mip4-web-archive@ietf.org; Wed, 27 Aug 2003 00:23:32 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19rrqG-0003n4-00 for mip4-web-archive@ietf.org; Wed, 27 Aug 2003 00:23:32 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rmfm-0004jr-MY; Tue, 26 Aug 2003 18:52:22 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rarq-0006P6-TO for mip4@optimus.ietf.org; Tue, 26 Aug 2003 06:16:03 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA26435 for <mip4@ietf.org>; Tue, 26 Aug 2003 06:15:56 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19rarn-0006pY-00 for mip4@ietf.org; Tue, 26 Aug 2003 06:15:59 -0400
Received: from [213.80.52.78] (helo=mailgw.local.ipunplugged.com) by ietf-mx with esmtp (Exim 4.12) id 19rarl-0006ox-00 for mip4@ietf.org; Tue, 26 Aug 2003 06:15:58 -0400
Received: from zinfandel.local.ipunplugged.com (chardonnay.local.ipunplugged.com [192.168.4.44]) by mailgw.local.ipunplugged.com (8.12.8/8.12.3) with SMTP id h7QAF7wf017287; Tue, 26 Aug 2003 12:15:07 +0200
Date: Tue, 26 Aug 2003 12:15:06 +0200
From: Henrik Levkowetz <henrik@levkowetz.com>
To: ietf-mip-vpn@liqwidnet.com, mip4@ietf.org, "Adrangi, Farid" <farid.adrangi@intel.com>
Message-Id: <20030826121506.14df5e34.henrik@levkowetz.com>
In-Reply-To: <A95D547FCC54AB47BC55E104D424339BF11E35@orsmsx407.jf.intel.com>
References: <A95D547FCC54AB47BC55E104D424339BF11E35@orsmsx407.jf.intel.com>
X-Mailer: Sylpheed version 0.8.11claws141 (GTK+ 1.2.10; i386-debian-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, hits=-2.5 required=5.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES, REPLY_WITH_QUOTES version=2.55
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp)
X-RAVMilter-Version: 8.4.4(snapshot 20030410) (mailgw.local.ipunplugged.com)
Content-Transfer-Encoding: 7bit
Subject: [Mip4] Re: FW: Comments on VPN Problem Statement Draft
Sender: mip4-admin@ietf.org
Errors-To: mip4-admin@ietf.org
X-BeenThere: mip4@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=unsubscribe>
List-Id: Mobility for IPv4 <mip4.ietf.org>
List-Post: <mailto:mip4@ietf.org>
List-Help: <mailto:mip4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mip4>, <mailto:mip4-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

Hi,

<co_chair_hat>

	I'm picking up this thread and putting it onto the main mip4 list.
Please remove the mip-vpn design team list address from future replies.

I would like to see this draft sent up to the IESG for consideration
ASAP. In case we get (unexpected) pushback, it would be good to get it
before the solutions draft is complete...

Please respond to Farid's query below, so we can wrap this up. If any
other minor adjustments are needed as a result of the WG last call, I'd
like them done and an updated draft out soon; at which point we will
send it to the ADs. If there are no adjustments to be done, we'll send
up the current draft ( -03 ).

Let's get's this one shipped, shall we?

</co_chair_hat>

<wg_member_hat>

As Section 2 of the draft explicitly discusses possible placements of HA
vs. VPN-GW, and (as we discussed in the design team) the co-location of
an FA with the VPN-GW is a possible optimization feature of a solution
to the problems posed, rather than a separate problem scenario, my
viewpoint is that we should not put this in the problem statement draft.

It should be described properly in a vpn-traversal optimization draft,
though.

</wg_member_hat>

	Regards,
		Henrik





On Tuesday, 12 Aug 2003, Farid wrote:
> Hello All,
> What do you think about Jayshree's request to add a new scenario to
> the problem statement draft?  
> BR,
> Farid
> 
> -----Original Message-----
> From: Jayshree Bharatia [mailto:jayshree@nortelnetworks.com] 
> Sent: Wednesday, August 06, 2003 12:13 PM
> To: Adrangi, Farid
> Cc: mip4@ietf.org
> Subject: RE: Comments on VPN Problem Statement Draft
> 
> Hello Farid,
> 
> Please see my reply below.
> 
> Thanks,
> Jayshree
> -----Original Message-----
> From: Adrangi, Farid [mailto:farid.adrangi@intel.com] 
> Sent: Sunday, August 03, 2003 11:50 PM
> To: Bharatia, Jayshree [RICH1:2H13:EXCH]
> Cc: mip4@ietf.org
> Subject: RE: Comments on VPN Problem Statement Draft
> 
> 
> > Hello Jayshree,
> > Thanks for following up on this.  You, Gopal, and I had a very brief
> > conversation on this during IETF-57 - but I am not sure if we
> > derived any conclusion on whether or not we should include this
> > scenario.  To be frank, I don't quite understand the point behind
> > adding this scenario because,
> > -       It seems to present a solution to a specific deployment
> > model rather than a deployment scenario 
> 
> [JB] My understanding is different from yours so please elaborate what
> you mean by deployment model vs deployment scenario in this particular
> context.
> 
> > -       I don't quite see the advantages of  a combined VPN+FA if it
> > does not support FA traversal and it does not avoid IPsec
> > renegotiation when MN moves from one subnet to another - perhaps you
> > can elaborate on this?
> 
> [JB] I think regardless this scenario has any advantages or not, it is
> one of the probable scenario which has potential issues (as you have
> indicated earlier). 
> 
> > -       Furthermore, Scenarios in section 2 of the problem statement
> > draft represents combinations of MIPv4 HA and VPN gateway placement
> > - adding this scenario is going to change semantics of the section
> > 2.
> 
> [JB] I am not sure what you mean by semantics change here. Do you
> think documenting this in new subsection (2.6) is a problem?
> 
> > I have no problem adding this scenario to the draft - I just wanted
> > to make sure that we clearly understand the reasons for adding this
> > scenario to the problem statement draft.  Design team members and
> > interested individuals are welcome to express their opinion on this.
> >  
> > 
> > Best regards,
> > Farid
> 
> 
> 
>  
>  
>  The   following   sub-sections   introduce   five   representative
>    combinations of MIPv4 HA and VPN gateway placement.
> 
> -----Original Message-----
> From: Jayshree Bharatia [mailto:jayshree@nortelnetworks.com] 
> Sent: Thursday, July 31, 2003 1:44 PM
> To: Adrangi, Farid
> Cc: 'mip4@ietf.org'
> Subject: RE: Comments on VPN Problem Statement Draft
> 
> Hello Farid,
> 
> As per our earlier discussion during IETF-57, my understanding is that
> you will include the scenario of co-existed FA with the VPN gateway in
> the VPN Problem Statement draft.
> 
> I agree that this particular scenario has problems and it won't work
> if the MN is behind an FA in the foreign subnet. But again, this is a
> problem statement draft. Hence, I believe that this is the appropriate
> document for
> mentioning this scenario.
> 
> Thanks,
> Jayshree
> 
> -----Original Message-----
> From: Adrangi, Farid [mailto:farid.adrangi@intel.com] 
> Sent: Monday, April 07, 2003 2:58 PM
> To: Bharatia, Jayshree [RICH1:2H13:EXCH]
> Cc: 'mobile-ip@sunroof.eng.sun.com'
> Subject: RE: Comments on VPN Problem Statement Draft
> Hello Jayshree
> This is a good point - I knew someone was to bring this up!  At the
> time of writing these scenarios, we (the design team) actually
> discussed this and concluded this scenario would fall into a solution
> space.  Maybe we did not make the right decision and we should rethink
> this.  But, before we take this discussion further please allow me to
> ask you a few questions about the details of the scenario (VPN+FA)
> that you have in mind .  Are you thinking to broadcast FA
> advertisements through the IPsec tunnel to the MN?  If so, how will
> this work if MN is already behind an FA in the foreign subnet? Or, If
> you had something different in mind, perhaps you can elaborate on
> that. Best regards,
> Farid
> 
> 
> -----Original Message-----
> From: Jayshree Bharatia [mailto:jayshree@nortelnetworks.com],
> Sent: Friday, April 04, 2003 3:14 PM
> To: 'farid.adrangi@intel.com'
> Cc: 'mobile-ip@sunroof.eng.sun.com'
> Subject: Comments on VPN Problem Statement Draft
> 
> Hello Farid, 
> This draft (draft-ietf-mobileip-vpn-problem-statement-req-01)
> currently misses one scenario were the FA is co-existed with the VPN
> Gateway. I would think that there are no technical issues supporting
> this scenario. It will be good if you can add this scenario in the
> draft (perhaps as section 2.6?) for completeness.
> Thanks, 
> Jayshree 
> 


_______________________________________________
Mip4 mailing list
Mip4@ietf.org
https://www.ietf.org/mailman/listinfo/mip4

v2.23.0 | Report a Bug | By Email